ABSTRACT

The paper gives an overview of commonly used synchronization primitives and
literature, and presents a new form of primitive expressing conditional critical regions.

A new solution is presented to the problem of "readers and writers", utilizing the
proposed synchronization primitive. The solution is simpler and shorter than other known
algorithms. The first sections of the paper give a tutorial introduction into established
methods, in order to provide a suitable background for the remaining parts.
INTRODUCTION.


«„  .vimnia  m »o  [71.  that  the  internal  synchronization 
II  has  been  shown  by  several  au  ors,  ^ oeramming  and/or  multiprocessor  system  can  be 

between  concurrently  executing  processes  i P 8 processes.  Such  synchronization  becomes 

ponor^d  by  '»•  «'  on  HO  »'  1"..  Commonly, 

*.'*“«  -1  “o  Hid.  Ability  n.c.ss.ry  lor  pr.p.r  lune.lo.in.  .1  »P—  on 

Som»phor«  Ml  “™"rrr'  by  tl»  introduction  »'  <«'  *» 

...  x,'r . sr .t  rrttM 

powerful * when^the* synchronization  ^ C°mPle*  ^ d,,,6renCe  h*1"""  ^ 

concepts  is  explained  ^ mentj0ned,  and  show  how  a proposed  solution  in 

This  paper  will  give  a short  revie  ,7  , and  writers"  problem,  has  certain  undesirable 

[4]  to  a commonly  encountered  exampl^  ^ ^ condi(jona|  critica,  regions  is  proposed,  and  exemplified 

«-  writers"  probl.m.  A prool  el  th.  s^pli.n  is  .Is.  "»  "» 

solution  is  hardly  more  complicated  ,h‘"  hronUbon  from  Ih.  op.r.tinj  system's  viewpoint 

A recent  paper  by  Ho.ro  111]  ons.d.r  the  sy  cpr^  ^ ^ ,nd  wri,.rs"  problem.  I will 

;rm:::r^.;T:trpCTnd’?bi:' «. - - *•  and  si"'pi" 

«««• MSCAL  «»»• whith  w"  8l!0 

m [4]  and  [I  I ]• 


CRITICAL  REGIONS. 


Writing a set of data into a section of memory, or reading it out, generally takes some time and is

pertormed  through  execution  of  a series °[  *"”"2^1#* Him.  need  to  operate  on  the  same  set  of  data, 
More  than  one  computational  proces  may ^hav.^a  pPocess  modi<ies  ,h.  shared  data, 

and  those  executions  may  overlap  in  ■ s have  no  way  ot  Knowing  whether  read  data  are  old 

the  results  will  be  wrong,  because  read)  g P jd#  ftej|i1iJ[  1o  prevent  such  harmful  simultaneous 

or  -new"  Th\ solu'7a  '°0'nh;Sw^y  accep,ed  method  to  prevent  simultaneous  operations  is  to  let  such 
operations  on  shared  data.  One  widely  ™ .....  . ■._« 

critical  operations  be  performed  associa  e wi  abstract  concept  which  can  be  assigned  to  some 

A critical  region  of  some  J a time.  Different  critical  regions, 

different  parts  of  different  Progr*ms'  cUompie1e|y  deCoupled  and  have  no  mutual  relationships. 
however’^i^diHeren^designabon^^  ^ assocjat#d  with  , shared  variable  v,  declared  as  follows: 


    var v : shared T

A critical region is defined, and entered by the notation

    region v do S                                           (1)

where S is a statement executed during the critical region. S can consist of several statements, by enclosing
them between begin and end.
3. SEMAPHORES.

A semaphore  is  a shared  single  integer  variable,  declared  as  follows  in  PASCAL: 
    var s : semaphore

. u to  a value  Cs.  determined  by  the  intended  type  of  synchronization. 

Two primitive (indivisible) operations for the manipulation of a semaphore are wait(s) and signal(s).
Their operation can be described very simply by:

    wait(s):     s := s - 1;
                 while s < 0 do SUSPEND;                    (2)

    signal(s):   s := s + 1;                                (3)

The use of this can be demonstrated by the following example, borrowed from [2].

A communication buffer is organized as a circular linked list of frames, at least 2 frames long. Two
pointers indicate:

    F:  The first empty frame to insert a message into
    R:  The frame before next frame from which a message is to be withdrawn.


A function,  succ(x),  tl'gua°rjntean*hl*the  buffer  neither  overflows  nor  underflows.  The  latter 

The  synchrony  > must  tha,  ^ j$  d#p0sj,ed  sin£#  w,  |r,  conc.rn.d  with  tw0 

involves  that  a message  c Deposit  is  preceded  by  wait(frame),  and  followed  by 

"y  *.i((r«<ly>  followed  W •“< 

conditions are: frame = Cframe = buffersize, and ready = Cready = 0, and F = succ(R).


conditions 

The two programs could be:

    deposit:   wait(frame);
               buffer[F] := message;
               F := succ(F);
               signal(ready);

    accept:    wait(ready);
               R := succ(R);
               received := buffer[R];
               signal(frame);


The operations on semaphores may be visualized as follows:

[Fig 1: the values of the semaphores frame and ready, with the positions Cframe, Cready and 0 marked.]
The two pointers shown indicate the positions after one deposit more than the number of accepts.
Initially, the pointers are located at Cframe and Cready. It is easy to see that deposit can be traversed
several times (i.e. Cframe times) before congestion occurs, and accept must be activated. Until then, the
wait(frame) operation will not activate SUSPEND. Similarly, as long as accept lags behind deposit,
signal(ready) will have been traversed more than wait(ready), consequently ready ≥ 0. However, as soon as
one more accept is attempted, ready will become -1, and the further processing will be deferred.

As already mentioned, the semaphore operations wait(s) and signal(s), or at least parts of them, must
be indivisible. Otherwise, if for example two different processes simultaneously were performing the
wait(s) on the same variable s, the result could be s(k+2) = s(k)-1 or s(k+2) = s(k)-2, depending
on the arbitrary interleave of the basic primitives constituting the operation s := s-1. The correct result of
n operations, obviously, should be s(k+n) = s(k)-n, but, if these n operations are arbitrarily interleaved in
time the result may be anything between s(k) and the correct one. The problem is resolved by ensuring
that the wait(s) and signal(s) operations are indivisible. This preserves the integrity.

If the operations wait(s) and signal(s) themselves are not indivisible, then the consistency is
preserved by performing the operations on semaphores within critical regions, which, by definition, are
indivisible.

The two programs of the example should then be modified to:

    deposit:   region v do wait(frame);
               buffer[F] := message;
               F := succ(F);
               region v do signal(ready);

    accept:    region v do wait(ready);
               R := succ(R);
               received := buffer[R];
               region v do signal(frame);

An alternative way of expressing essentially the same would be to require the wait and signal
subroutines to be handled by a scheduler (monitor), for example like [11]. Also then, however, some
mechanism must be provided to ensure the integrity, for example by granting monitor access to only one
process at a time.

4.  CONDITIONAL  CRITICAL  REGIONS 

Conditional critical regions represent a method to synchronize interacting processes, more advanced
than those methods explained in the previous paragraphs.

As suggested by Brinch-Hansen [4], regions could be made conditional by changing the form (1) to

    region v when B do S                                    (4)

with the symmetrical complement:

    region v do S await B                                   (5)

The first form allows the program to enter its critical region v. If condition B does not hold, the critical
region will be exited immediately. The article calls it "busy waiting", indicating that the program will loop
testing for the condition B to occur. This "busy waiting" is obviously a great disadvantage. Fortunately, it
can very easily be avoided, as will be explained later in this paragraph.

The complementing construct (5) causes statement S to be executed, and then further execution of
the process to be delayed, until condition B becomes true.

Apparently, conditional critical regions are quite different from semaphores and unconditional critical
regions. It is then appropriate to ask: what are their relative advantages, and when is the one method
better suited than the other? As Brinch-Hansen has discussed in [4], semaphores are well suited for simple
cases, and conditional critical regions superior when the synchronization structure is more complex.

To demonstrate the difference, paper [4] gives two solutions to the so-called "readers and writers"
problem, one with semaphores and unconditional critical regions, and one with conditional critical regions.
4.1. The "readers and writers" problem.

The "readers and writers" problem tends to become a classical example, and has appeared in
several papers, as for example [4], [5], [6], [9], [10], [11]. It was apparently mentioned first by Courtois
et al in [6]. It is stated as follows:

Several writers are depositing messages into a buffer, from which several readers will read.
Any number of readers may access the buffer simultaneously, but a writer shall have exclusive
access. Further, writers have priority over readers.

Several possible solutions exist. One of the simplest encountered is Brinch-Hansen's solution with
conditional critical regions in [4]. Although his solutions represent a somewhat simplified example, this fact
does not affect the ability to compare the two synchronizing concepts. It is shown in [4] that conditional
critical regions give a far simpler solution than the use of only semaphores. The solution presented in [4]
is:

declaration

    var v : shared record rr, aw : integer end

reader

    region v when aw = 0 do rr := rr + 1;
    read;
    region v do rr := rr - 1;

writer

    region v do aw := aw + 1 await rr = 0;
    write;
    region v do aw := aw - 1;

where the identifiers are:

    v   is the critical region
    rr  denotes number of "running readers"
    aw  indicates the number of "active writers", i.e. writers that have been granted access or are
        actually writing.

In his later work [10], Brinch-Hansen uses a somewhat different form, apparently as an effort to
eliminate certain undesired effects. This will be discussed later in this paragraph. For our purpose here, to
explain the operation of conditional critical regions, the earlier form is chosen, since this is more similar to
the form I will propose in the following.

Unfortunately, as pointed out by the authors of [6], Courtois, Heymans, and Parnas, in a comment [5]
to Brinch-Hansen's article [4], Brinch-Hansen's simple solution is incorrect, or has at least certain
undesirable effects:

As far as the algorithm is concerned, the order of admitting waiting readers and writers into the
critical region is quite unpredictable. Thus, it is possible that a writer may wait indefinitely during a stream
of incoming readers. This conflicts with the requirement of priority for writers. Paper [5] points out the
error in [4] but gives no solution, other than referring again to the solution in [6], with semaphores.
Another consequence, but not mentioned in [5], is that region calls from outgoing readers (second
region call) may well be blocked from the region by a burst of incoming readers, thus preventing the
number of "running readers" from being counted down.


4.2. Discussion of undesirable effects.

It is not mentioned in [4], but it seems necessary to require the dispatcher to release region v at
the entrance of the await function. Otherwise, a deadlock will occur: The controlled variable of B is a
shared variable changed by some other computational process. This operation will usually be placed within
region v. If region v were not released, no other process could enter it, and condition B would remain false
for ever.

But one could ask: Could not the operation on the controlled variable of B be performed outside
region v? No, that would only exceptionally be possible. Generally, that would contradict the purpose of
rC‘r'i  u critical  regions'  To  prevent  spurious  errors,  due  to  uncontrolled  interleave  of  operations  on 
*Til»  ..’nlrollad  variable  of  6 ia  a aharad  ..riabla,  ,1  would  imp.d.  lb.  .orra.l 

^"^TahiuTd  'b^*  th.  arilical  ration  ahould  0.  r.l.aa.d  upon 

antranea^ol  tha  w.,l,nt  alala.^  ^ ,u„t||.„  ,ink.d  „ in.  ro.ion  .all  ol  lorn,  15).  Th.y 

should  be  separated,  making  them  two  individual  statements: 


    region v do S                                           (6)

and

    await B                                                 (7)


Statement (6) is identical to the original unconditional region call, of form (1). This splitting would
, ' ' H iiov.bilitv  since  it  would  permit  the  use  of  the  mind  function  more  freely.  One 

provide  -.on, a ™ *.»dk ,hi'  r,T"r.  call  h.a  lb.  ad».nl.S.  that  lb.  ow.i,  lun.li.n  .an  mor.  ..ally  b. 
<ould  ar  puo,  hat  ^ i.!  Ita  S <a»,  >0  Ib.l  Ih.  dfapat.h.r  will  nol  r.-.nt.r  lb.  pro.aaa  ata.n, 

"n^ond  lion  B ha-  bo.oma  Iru.  W.tb  Iwo  a.paral.  alalamanta,  an  antra  and  Ibua  unn.c.aaary  op.ral.ns 
until  condition  B ha,  become  .rue  £ , h ,d  b#  a trjvja|  lask  ,or  a moderately  intelligent 

sat  r.«^r.”.v«rv:ni  ^ ~ ««•»■* •- 

int'-b iy'Ti* InV ^'rabouM  M7ol‘id'fb”  “''.rilical  ration  ia  a r.aour.a,  .bmp.I.d  lor  by 
Kegaromg  ou  y s - -■  ( . ( , b resolved  by  some  dispatching  program,  usually  a 

r.;r:  ,rss^s:  ss  .b.y  .1-.™*  <«>  * •»»«* « • «■»  <• «» 

■£  swss  r zxzsz  ,b.  h, 

critical region call, to:

    region v do begin await B; S1 end                       (8)

cooperating with an unconditional region call like (1):

    region v do S2                                          (9)

where S2 is supposed to alter condition B. This looks like a deadlock again, referring to the definition of
critical regions. The author circumvents this by defining a special temporary release of region v while the
process is awaiting condition B, thus allowing the second process to alter B. This temporary
release is, however, inside begin and end of region v, and this seems rather illogical. It seems unlikely to
guess this kind of operation from merely reading the program text, and it gives an unclean internal
operation of the dispatcher, manipulating the calling program from the main queue and over to another,
temporary queue.


A remark in [11] points out that transferring the responsibility for testing of condition B over to the
monitor or dispatcher may impede the efficiency, because expression B must be re-evaluated after every
exit from a procedure of the monitor. There might even be several similar expressions throughout the
program that required similar re-evaluation. Fortunately, this can be improved considerably. Firstly,
efficiency can be improved by the user himself, by applying only simple conditions at B, like X = specified
integer, boo = true etc. The second approach to improvement requires some explanation: The inefficiency
is hardly linked to where a testing is effected, whether this is in the application program, or within the
operating system. In any case, this is basically "busy waiting". An alternative to testing of condition B inside
the monitor is to enter the function (wait or region) itself, and perform the testing there. This "busy
waiting" is definitely no more efficient than doing it inside the monitor. Considerably higher efficiency can
be obtained by another and different approach:

The compiler could generate a list for each procedure, containing controlling variables of wait
and conditional critical regions, affected by the particular procedure, together with references to
the wait and region functions. At each procedure exit, only the conditions for the wait and region
functions referred to in the list should be re-evaluated.

More philosophically, one might perhaps say that there are in total three different methods to effect an
action upon the occurrence of a certain condition or event:

* Interrupt generated by the event.

* "Busy waiting" with repeated testing.

* Prior to run-time, prepare a list showing functions affected by a change of value of a variable
within a certain code body, like a procedure. At run time, this list provides the ability to refer
actions directly, rather than testing the conditions from the opposite direction.

4.3.  Conditional  critical  regions  with  priority. 

So far nothing really new has been mentioned about critical regions. I have merely explained certain
consequences and restrictions of methods published earlier, although these restrictions do not seem to have
been fully recognized in the published articles.

It seems now appropriate to propose a form of conditional critical region calls that has none of the
defects mentioned above. The new form is simple to use and to understand, because it is natural and
directly attacks the problem; besides, it should give a very efficient code.

The new form introduces priority into forms (4) and (6) above and comprises three system calls:

    region v:=p when B do S                                 (10)

    region v:=p do S                                        (11)

    await B                                                 (12)

Corresponding to the remarks about flexibility of await B, form (7), the await function can arbitrarily
be used in connection with the conditional (10) or unconditional (11) region call.

The new element, p, is an integer or integer expression denoting the relative priority for granting
the region among competing programs. The assignment v:=p is not effected until the critical region is
entered, and the scheduler should arrange the queue of processes requesting access to the region according to
decreasing values of p, such that the one with the highest value will be picked first. The result is a
selection according to relative priority. The value of p must be defined before use, and dynamic priority
should be easy to apply.

Naturally, only p-values belonging to calls within the queue are considered, and calls entering the
queue after a region is entered will be queued normally and only considered after the region is released,
even if the process currently in the region has lower priority than the approaching process.
Although this non-preemptive interpretation of priorities should be quite self-evident, it is mentioned here,
to emphasize the fact before starting to prove the algorithms in the next section.

With this method, the "readers and writers" problem has a solution that is simpler than other
solutions frequently encountered in the literature; besides, it has none of the defects cited. In section 4.5, I
will present an efficient and simple solution to a new version of the problem, presented in [11].
The solution to the original version of the problem is:

declaration

    var v : shared record rr, aw : integer end

initial values

    aw := 0; rr := 0;

reader

    region v := 1 when aw = 0 do rr := rr + 1;
    read;
    region v := 3 do rr := rr - 1;

writer

    region v := 2 when aw = 0 do aw := 1;
    await rr = 0;
    write;
    aw := 0;

, 0 .he  forms  (10)  and  (11)  are  similar  to  (4)  and  (5),  it  should  not  be  surprising  to  find  the  rr, 

..hJ’SJ  <•  m •—  -m- «—• '• — ! 

tu  tnr  readers  deviates  only  in  the  inclusion  ot  priorities. 

* J,  Ihe'prORraL  tor  writer,  a new  condition  when  aw-0  is  included,  making  the  region  call  simil,- 

to  that  ot  the  readers.  aw.«aw*l,  since  aw  will  never  need  to  have  values  d.tterent 

* T'STfhu,.  ",  simpl.  b.ol..n  v.ri.bl.  could  b.  sd.qu.t.,  proved  th.  I»ngu,g.  syrt.-r 

„ «-:■<>.  t.rmin.ting  lb.  writ.  st.t.mct,  ned  not  b.  p.rl.rm.d  incid.  lb.  critic, 

region. 

4.4. Proof of correctness of new solution for "readers and writers" problem

L.I  „ „s.  Ih.  following  dofinibons  ol  "Kti»."  .nd  "running"  peers..,  .lightly  modili.d  from  -nj: 

A process is active from the moment its request of a resource is acknowledged, until the

A process is running from the instant it has been given permission to use the resource, until it
is released.

The definitions can be visualized:

[Fig 2: timeline of a process, marking request, request acknowledged, permission to use resource, and release.]
With respect to the programs for readers and writers, active and running processes are:

A reader is active from the moment it has entered its region v before reading until it has left
region v after reading. A reader is running from the moment it leaves region v before reading.

A writer is active from the moment it has entered its region v before writing, until it has
executed statement aw:=0 after writing. It is running from the instant it has ended the await
function and is to start writing, until it has executed statement aw:=0 after writing.

In addition to identifiers introduced earlier, the following identifier is used in the proof:

    rw  the number of running writers, according to definition above.

The proof will follow these lines:

1. A set of criteria is established, believed to constitute sufficient conditions for the proof to be
complete.

2. A set of lemmas is established.

3. Based on the lemmas, each criterion is shown to be satisfied.


CRITERIA FOR CORRECTNESS OF PROGRAMS:

C1.  Mutual exclusion of running processes follows two invariants:

         X1 = (0 ≤ rw ≤ 1)   (or: X1 = ((rw=0) ∨ (rw=1)))

         X2 = ¬(rr>0 ∧ rw>0)

     X1 and X2 are both invariant true.

C2.  (O.O.I.P, but as soon as a writer has applied for access,
     ?e^hr access of new incoming readers, as well as other writers, is prevented. Running readers
     are allowed to conclude. When all running readers have terminated, the pending writer is given

C3.  No interference (i.e. unwanted or uncontrolled interaction) exists for use of shared variables.

C4.

C5.  Incoming writers have priority over incoming readers. (Also expressed implicitly in C2.)
LEMMAS:


.5 

16. 


L9. 


110 
LI  1 


“'.’nr**"**  r°V--'=‘U^  r*'10"'  0P,rS"°'’S 

SKT-  — • — <~*v  zrtr'2Z£& 

function  cod  rr:.rr-l  following  !.h*  ,u~''07’(C*iv.  which  is  the  number  of  loader. 

- ’ ’h,'r  r‘6,0n' 

s&vsa - ms  r 

“ell  '^lemonT  wore  cub.ldnl.d  by  e.-ml  which  ^"rJZTo«,  enter,  until  the  lirel  on.  he. 

«“■  * ,ha"  1 

active,  t o.  aw  c*o  only  attain  the  values  or  . wf,t.rs  can  only  be  inactive 

When  en  outgo,,.,  .r.t.r  ■«  to  „ will  not  interior.  with  eny  other 

welting  tor  - :««.  bocauc.  « b,  ,lorm.6  „„,.id.  th.  er.tic.l  region, 

::r  though  - * by  «.... 

«Ur\*Tonht  ,t  available,  . i running  'e^*'  “'7“' w3y^r.*iltoj  to  com.  other 

unconditional  M may  be  de'ayed I if  ^ ^ be  yfiry  shorti  however,  since  no  process 

executes  mi*  ^hw'r.inftl.  a"' integer  that  only  changes  its  value  by  unity, 

Because  ot  th*  invariant  rr>C  (see  LS^a  be  8attained,  if  further  access  for  mcom.ni 

'^ador'a1  exerutini  7rwnl)  were  blocked  from  some  point  on,  and  provided  that  all 

operations  are  executed  in  a finite  tirn®  _ j,,  b#  performed  by  an  active  writer  Since 

A blocking  o incoming  readers,  a! : men  . incoming  writer  will  be  granted  access  to  v 

incoming  wrters  have  P"0"**  °**r  read  ^ ^ formed  before  further  incoming  readers 

before  any  ncommg  readers,  so  that  aw  y will  be  denied  for  all  incoming  proces.es, 

will  be  considered.  Then,  further  it  * ThuSi  an  incoming  wnter  may  be  delayed  m 

and  tho  blocking  mentioned  m L8  wil  be  t ti  because  rr*0  will  eventually  become 

its  await-function,  but  it  will  remain  here  only  » ^ „b|ocking..  of  incoming  readers  will  be 

true,  as  staled  in  L8.  It  is  also  important  . no  h d executed  aw:=0,  and  this  can  only 

Uhl, I the  ..live  ^ th.  n.C.ity  «'  "*»•  Th,“!’  ">• 

happen  .Iter  it  h>.  r.m.m  un.,1  r,  he.  been  counted  down  to  rr-0, 

blocking  of  incoming  readers  win,  on 

« efted  in  l»-  i,  . eube.t  ot  etet.  oo.iuo,  implying  th. 

A running writer is also active.
invariant true:

    Y = (0 ≤ rw ≤ aw)

The Boolean X2 can be changed to:

byXDVI:^th.Ti.  Since  rr  end  r.  er.  ncn-n.g.liu.  integer, 

rrto  implies  rrs0  ,nd  rw*°  Imp  "S  rWS°'  Th 
    X2 = (rr=0) ∨ (rw=0)
PROOFS:


PI. 


P2 


P3. 


P4 


P5. 


as  only  possible  values 


P 6. 


Because of Lemma L5, stating that aw can only attain the values 0 or 1, invariant Y (see L10)
gives immediately

    rw ∈ {0, 1}

This proves invariant X1 in C1.

p,00l  ot  X2-t™.  in».r.ant^  ^ ^ „ w.  c,„  sWw  .ilh.r  rr.O  o,  rw-0  Th.  progr.m 

ioVwri'wfr  shows ' according  to  the  dehnition  for  running  w-iters,  that  when  a writer  is  running. 

. at u,  he  p” -:,n  ol  ouvril  rr=0,  then  rr.O.  This  must  last  at  least  until  the  writer  no  longer 
since  aw/O  blocks  incoming  readers,  according  lo  L9.  When  a writer  « running,  then 

rw/O,  by  definition 
This shows that either:

    rr = 0 or rw = 0

which implies X2 = (rr=0) ∨ (rw=0) is invariant true.

This  completes  *h®  pr®°*0<  ed  in  p\  an<j  P2.  XI  expresses  that  only  one  writer  can  be 

Tho  stronger,  L5  states  that  only  one  writer  can  have  access  (i.e.  be  active) 

TaTme  VVsTates  that  further  access  ol  incoming  readers  is  blocked  when  a reader  is  active, 
this lemma further states that the active writer becomes running when all running readers have
terminated. Thus, C2 is satisfied.

Proof  of  C3: 

L23Ind  Lottes  Winter (6^ nee  for  rr  and  aw.  The  buffer  is  changed  only  by  a writer,  when  it 
is running. We have already proved (P3) that when this occurs, no other process has access to
the buffer. This completes the proof of C3.

One necessary condition for deadlock is that a program holds resources while waiting for other
programs to release resources. If this is proved not to be true then deadlock will not occur.
Resources common to the program, and of significance for the deadlock problem:

The only place rr=0 is a condition for proceeding is at the await rr=0 in the writer's program. At
this point the writer is neither in the region, nor is aw any condition for the execution which
i Ar  rr-n  Thus  the  waiting  for  rr* 0 will  not  induce  deadlock. 

“t,!  J:  Access  to  region  v can  be  denied,  either  because  th.  region  is  granted  to  some  other 
hncause  awi<0  If  the  re"ion  is  granted  to  some  other  process,  this  will  never  last 
;;rngCCa7)  f aw  a W^ter  m!£  be'active, ‘and  then  aw:*0  remains  to  be  done.  Since  we  ave 
u S await  rr*0  will  not  involve  deadlock,  the  writer  will  proceed  normally,  and  finally 

shown  tha  awaiting  for  aw=0  will  not  cause  deadlock.  This  shows  that  th.  cited 

it  "0.  ..tistied  Deedlock  „ prevented,  end  criterion  C<  . 

satisfied.  , 

ssfsyr:  - •-  «- 

that p=2 for writers and p=1 for readers. Thus, C5 is satisfied immediately.


This  completes  the  whole  proof. 
4.5. A solution to a modified version of "readers and writers"

Hoare, in [11], has presented a slight modification of the "readers and writers" problem:

The writers have priority over readers, as originally. However, readers waiting at the end of a
write are given priority over the next writer. The purpose is to avoid the danger of indefinite
exclusion of readers, in a burst of successive writers.

A simple solution of this, applying the method of conditional critical regions with priority, is
presented without a formal and complete proof:

declaration

    var v : shared record rr, aw : integer end

initial values

    aw := 0; rr := 0;

reader

    region v := 1 do;
    region v := 3 when aw = 0 do rr := rr + 1;
    read;
    region v := 4 do rr := rr - 1;

writer

    region v := 2 when aw = 0 do aw := 1;
    await rr = 0;
    write;
    aw := 0;

This solution appears simpler than that in [11] which, moreover, does not deal with the contention
problem at all.

When comparing with the solution of the original problem, shown in section 4.3, one notes
immediately the following details:

* The increase of the highest priority, that one of outgoing readers, from 3 to 4. This should make
no difference, since it is the highest priority in each case.

* The "writer"'s program is unchanged.

* "Reader"'s program is extended with a preceding region call, without action statement.

* Following the first region call for incoming readers is the conditional region call, as originally.
However, the priority is increased beyond that of the writers.

Region call of priority 1 has the same purpose as that of the original solution: Preventing the
continuation in the program if a reader arrives to this point simultaneously with a writer being on the point
of entering the region. Then, the writer will prevail. After the writer has left the region, the reader will
continue but will be suspended in the next region call, waiting for aw=0, as previously.

If a reader arrives slightly before a writer, the reader will enter its region the first time. After this
point, it is guaranteed to continue, also into the next entry of the region, despite the waiting writer,
because of the higher priority 3. Thus, the two region-entries will not be separated, and the reader is
allowed to continue until termination, together with other active readers, before the write is acknowledged.
Readers arriving later must first enter region v with priority 1, however, and this is prevented at this time
by the pending writer, which will be granted access first. This separates incoming readers into two groups:
Those who have not entered the region the first time: these must wait until the writer has changed aw,
upon which they will be trapped at the next entry of the region. The other group consists of those having
arrived before the writer; these will continue until termination.

While a writer is active, readers may freely enter region v the first time, since this is unconditional.
Then, they will wait for aw=0. Assuming that another writer arrives together with readers during a write,
the situation is, at the instant when the active writer terminates: Pending readers apply for region v with
priority 3 and thus dominate the waiting writer. Possible new readers, however, having not yet entered
the region the first time, will be delayed, because of the low priority =1, until the writer has passed the
region. At this time, however, aw=1 and the new readers must wait until completion of the writer.
Consequently, also this time we have effectively separated applying readers into two groups: Those who
entered during the previous write, and those arriving after. The effect is as required.
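
The solutions of sections 4.3 and 4.5 as a runnable Python sketch, added here as an example and not code from the paper; it also checks the invariants X1 and X2 of section 4.4 while readers and writers run. The names PriorityRegion, ReadersWriters, changed() and the rw bookkeeping are assumptions of this example: conditions are re-tested at every region exit instead of through the compiler-generated lists proposed in section 4.2, and changed() announces the assignment aw := 0 that the writer makes outside the region.

```python
import threading
import time
from concurrent.futures import ThreadPoolExecutor


class PriorityRegion:
    """Non-preemptive region v: `region v:=p when B do S`, plus `await B`."""
    def __init__(self):
        self._cv = threading.Condition()
        self._busy = False   # True while a process is inside the region
        self._queue = []     # pending calls as (-p, arrival number, B)
        self._arrivals = 0

    def _chosen(self):
        # Among queued calls whose B holds, highest p wins; ties by arrival.
        ready = [c for c in self._queue if c[2]()]
        return min(ready, key=lambda c: c[:2]) if ready else None

    def region(self, p, body=lambda: None, when=lambda: True):
        with self._cv:
            self._arrivals += 1
            call = (-p, self._arrivals, when)
            self._queue.append(call)
            while self._busy or self._chosen() is not call:
                self._cv.wait()
            self._queue.remove(call)
            self._busy = True
        try:
            return body()
        finally:
            with self._cv:
                self._busy = False
                self._cv.notify_all()   # region released: re-test conditions

    def await_(self, cond):
        with self._cv:                  # `await B`, executed outside the region
            while not cond():
                self._cv.wait()

    def changed(self):                  # assumption: announces aw := 0
        with self._cv:
            self._cv.notify_all()


class ReadersWriters:
    def __init__(self, modified=False):
        self.v = PriorityRegion()
        self.modified = modified          # True selects the section 4.5 variant
        self.rr = self.aw = self.rw = 0   # rw exists only to check X1 and X2
        self.violations, self.log = [], []

    def _check(self):
        if not 0 <= self.rw <= 1:
            self.violations.append("X1")
        if self.rr > 0 and self.rw > 0:
            self.violations.append("X2")

    def read(self):
        p_in, p_out = (3, 4) if self.modified else (1, 3)
        if self.modified:
            self.v.region(1)              # region call without action statement
        self.v.region(p_in, lambda: setattr(self, "rr", self.rr + 1),
                      when=lambda: self.aw == 0)
        self._check()
        self.log.append("read")           # stands for the read itself
        self.v.region(p_out, lambda: setattr(self, "rr", self.rr - 1))

    def write(self):
        self.v.region(2, lambda: setattr(self, "aw", 1), when=lambda: self.aw == 0)
        self.v.await_(lambda: self.rr == 0)
        self.rw += 1
        self._check()
        self.log.append("write")          # stands for the write itself
        self.rw -= 1
        self.aw = 0                       # outside the region, as in the paper
        self.v.changed()


def stress(modified=False, readers=6, writers=3, rounds=40):
    rwl = ReadersWriters(modified)
    ops = [rwl.read] * readers + [rwl.write] * writers
    with ThreadPoolExecutor(len(ops)) as pool:
        list(pool.map(lambda op: [op() for _ in range(rounds)], ops))
    return rwl


def writer_overtakes_reader():
    # Constructed scenario: v is held while a reader, then a writer, queue up.
    rwl, gate = ReadersWriters(), threading.Event()
    threads = [threading.Thread(target=f) for f in
               (lambda: rwl.v.region(3, gate.wait), rwl.read, rwl.write)]
    for n, t in enumerate(threads):
        t.start()
        while not rwl.v._busy or len(rwl.v._queue) < n:
            time.sleep(0.001)
    gate.set()
    for t in threads:
        t.join()
    return rwl.log
```

stress() returns the object whose violations list stays empty when X1 and X2 hold throughout; writer_overtakes_reader() returns the order in which a queued reader and a later-queued writer were served.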

